NEAS[.]9ce4a7ecc6833cf74e90e861f3bd9f79[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9ce4a7ecc6833cf74e90e861f3bd9f79.exe
Size

502KB
MD5

9ce4a7ecc6833cf74e90e861f3bd9f79
SHA1

93eaafca89539f0f7c8ff18f1aa2e90e7a9e0e19
SHA256

0fdc4d9cc70b2f088711a35ce4df150739294190e9857586cb54440d78c8bcdb
SHA512

0752e276b814067ef77ee173160a9685373354de1a6fa35f0e3345e708b1e91196f4f8e6cac6b0827302f6797e3d2ac3aad0b43b2cf54961278f0e90d7981862
SSDEEP

6144:9+xL/bSJ468MlERnQ8+I4ashdcCuoIilZl6AOPU+BQ57b3nj1xr5E2gXI:MxnSJ4PMKRDCzuoeZWtF+1XI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.9ce4a7ecc6833cf74e90e861f3bd9f79.exe

Files

NEAS.9ce4a7ecc6833cf74e90e861f3bd9f79.exe
.exe windows:5 windows x86

8a18f5ece425f0b17cd180f901b117c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
GetWindowsDirectoryW
CreateThread
GetDiskFreeSpaceExW
WaitForSingleObject
GetTickCount
GetProcAddress
LoadLibraryW
CloseHandle
Process32FirstW
DeleteFileW
Process32NextW
CreateToolhelp32Snapshot
CreateFileW
GetModuleFileNameW
DeviceIoControl
GetCommandLineW
GlobalUnlock
GlobalLock
GlobalAlloc
Sleep
OutputDebugStringW
GetFileAttributesA
FindClose
FindNextFileA
ExpandEnvironmentStringsW
FindFirstFileA
SetEndOfFile
WriteConsoleW
FlushFileBuffers
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetFilePointerEx
SetStdHandle
GetFileType
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
LCMapStringW
GetStringTypeW
WriteFile
GetStdHandle
GetModuleHandleExW
ExitProcess
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
SetLastError
EncodePointer
CreateMutexW
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceW
ReadFile
MoveFileExW
MoveFileW
GetTempPathW
GetVolumePathNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
MultiByteToWideChar
GetACP
GetLastError
FormatMessageW
RaiseException
DecodePointer
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
lstrlenW
FindFirstFileW
FindNextFileW
FreeLibrary
GetFileAttributesW
GetVersionExW

user32

DestroyWindow
PostMessageW
CreateWindowExW
SetFocus
SendMessageW
RegisterClassExW
SetPropW
LoadCursorW
FindWindowW
GetSystemMetrics
MoveWindow
ExitWindowsEx
wsprintfW
GetWindowLongW
EnableWindow
SetRectEmpty
ReleaseDC
GetDC
RemovePropW
ClientToScreen
IntersectRect
OffsetRect
PtInRect
SetRect
SetWindowPos
SetTimer
GetClientRect
EndPaint
UpdateLayeredWindow
BringWindowToTop
DefWindowProcW
GetPropW
IsRectEmpty
IsWindow
GetWindowRect
SystemParametersInfoW
SetCapture
ReleaseCapture
InvalidateRect
ShowWindow
KillTimer
TrackMouseEvent
ScreenToClient
GetMessageW
TranslateMessage
DispatchMessageW
GetUpdateRect
BeginPaint

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW

ole32

CoCreateGuid
CoInitialize
CreateStreamOnHGlobal

shlwapi

StrCmpNIW
PathAddBackslashW
PathFileExistsW
PathUnquoteSpacesW
PathRemoveArgsW
PathRemoveFileSpecW
PathFindExtensionA

comctl32

InitCommonControlsEx

gdiplus

GdipCreateBitmapFromStream
GdipCloneImage
GdipSetStringFormatAlign
GdipCreatePen1
GdipDeletePen
GdipDeleteStringFormat
GdipAlloc
GdipSetPenLineJoin
GdipDrawPath
GdipGetSmoothingMode
GdipAddPathStringI
GdipFillPath
GdipCreateSolidFill
GdipSetStringFormatLineAlign
GdipDisposeImage
GdipFree
GdiplusStartup
GdipCloneBrush
GdipCreatePath
GdipSetSmoothingMode
GdipDeletePath
GdipDeleteBrush
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipCreateStringFormat
GdipDrawString
GdipSetStringFormatTrimming
GdipCreateFont
GdipGetGenericFontFamilySansSerif
GdipDeleteFont
GdipSetClipRectI
GdipCreateFromHDC
GdipSetInterpolationMode
GdipSetCompositingQuality
GdipDeleteGraphics
GdipFillRectangleI
GdipGraphicsClear
GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipSaveGraphics
GdipRestoreGraphics
GdipDrawLineI
GdipCreatePen2
GdipGetLogFontW
GdipTranslateWorldTransform
GdipGetClipBoundsI
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipSetStringFormatFlags
GdipMeasureString
GdipDrawRectangleI

gdi32

SelectObject
CreateDIBSection
CreateFontIndirectW
DeleteObject
DeleteDC
GetStockObject
GetObjectW
BitBlt
CreateCompatibleDC

Sections

.text
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a18f5ece425f0b17cd180f901b117c5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

comctl32

gdiplus

gdi32

Sections

.text Size: 211KB - Virtual size: 211KB

.rdata Size: 90KB - Virtual size: 90KB

.data Size: 4KB - Virtual size: 8KB

.gfids Size: 512B - Virtual size: 344B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 181KB - Virtual size: 180KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 211KB - Virtual size: 211KB

.rdata
Size: 90KB - Virtual size: 90KB

.data
Size: 4KB - Virtual size: 8KB

.gfids
Size: 512B - Virtual size: 344B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 181KB - Virtual size: 180KB

.reloc
Size: 12KB - Virtual size: 12KB